General
-
Target
2e6f29bd157cb74adaa7d6eae96058b5e566c8d7941c93871b93671b1841d068
-
Size
4.1MB
-
Sample
230326-zrnaxaaa49
-
MD5
534f0350f3b62d651a54101fa2af2939
-
SHA1
60ad08acacba1ad720780bf8c0d10b6ba59cb35c
-
SHA256
2e6f29bd157cb74adaa7d6eae96058b5e566c8d7941c93871b93671b1841d068
-
SHA512
57a5b5115a877a81207208b9d1f0c37155650f45c3ad925760c6139690cb4e59609ff36be08cd9526543aa43c645e9554b10a5caa1e7799dfec9ac396d8a6125
-
SSDEEP
98304:21Mvy3BUmqtAP5v+7QhtPwaHYVYBSKkUTO/7TfaL:21TUFSF+7QzZzBSKdTqbE
Static task
static1
Malware Config
Targets
-
Target
2e6f29bd157cb74adaa7d6eae96058b5e566c8d7941c93871b93671b1841d068
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-